California took a tough stand against spam e-mail yesterday with a law prohibiting anyone from sending unsolicited commercial e-mail ads to a California e-mail address. The law will take effect from 1 January.
The law sets up an "opt-in" requirement, the aim being to prevent e-mail users from getting e-mail ads unless they have asked to be on the sender's list.
Senders of unsolicited messages could be held liable for damages of up to $1,000 for each message to an individual and up to $1m for each e-mail ad sent out. The recipient, the state attorney general or the e-mail service provider could seek damages.
The law also bans sending spam from California and prohibits the collection of e-mail addresses or registering multiple e-mail addresses for the purpose of sending spam.
Another bill, where ISPs would be held liable for spam, was defeated. A US senator claimed Microsoft had spearheaded an effort to defeat it.
However, Microsoft spokesman Sean Sundwall said his company perceived the anti-spam law as a positive step, adding that Microsoft has taken several steps to keep spammers from taking advantage of its Hotmail service.
If a spammer uses such a service to send unwanted e-mail, "that's the fault of the spammer, not the fault of the ISP", Sundwall said.
Commentators familiar with the legal issues said the law's provision for individuals to sue over spam makes it stand out.
Unscrupulous spammers who are hard to track down are unlikely to knuckle under, but they agreed the law should have some effect on both senders and recipients of commercial e-mail,.
"I don't think this is the silver bullet to spam. You're still going to want e-mail filters and you're still going to receive spam from parts unknown, but this will make a dent," said David Kramer, a partner at the law firm Wilson, Sonsini, Goodrich and Rosati.
Companies that may have been on the fence about whether to send unsolicited commercial e-mail now have a clear sign that it is illegal and the potential for lawsuits will enter the cost equation, he added.
Kramer believed a strong law in the largest state in the US would now put pressure on the US Congress to create more effective national anti-spam laws. "It's hard to go on record supporting weak or pre-emptive legislation," he said.
Washington is where the battle is heading now, agreed Devin Gensch, an attorney at law firm Fenwick & West.
He predicted that the new law is likely to spark action by both spam opponents calling for stronger laws and industry groups that want to pre-empt California with a more permissive federal law.
Meanwhile, corporations will need to take steps to make sure they have legally watertight opt-in systems, Gensch added.
Cindy Cohn, legal director of the San Francisco internet rights group Electronic Frontier Foundation, said individuals' right to sue should mean more actions taken against spammers. However, she worries about the larger impact.
"It's very broad, and I think it's likely to seep in to more than just what people think of as spammers," Cohn said. For example, a small business that sends occasional e-mail messages to a few customers could be hit because the law does not specify bulk transmissions, she said, adding that because it is hard to separate California e-mail addresses from those anywhere else, it could amount to the state imposing its standards everywhere.
"It's not appropriate for one state, by writing an overly broad law, to dictate what people do elsewhere," she said.
The best way to fight spam is not with a law but with filtering technology, which is more flexible, Cohn added.
Stephen Lawson writes for IDG News Service